class UsersController < ApplicationController
  def initialize
    @title = "用户管理"
  end
  # GET /users
  # GET /users.xml
  def index
    @users = User.all

    respond_to do |format|
      format.html # index.html.erb
      format.xml  { render :xml => @users }
    end
  end

  # GET /users/1
  # GET /users/1.xml
  def show
    @user = User.find(params[:id])

    respond_to do |format|
      format.html # show.html.erb
      format.xml  { render :xml => @user }
    end
  end

  # GET /users/new
  # GET /users/new.xml
  def new
    @user = User.new
    respond_to do |format|
      format.html # new.html.erb
      format.xml  { render :xml => @user }
    end
  end

  # GET /users/1/edit
  def edit
    @user = User.find(params[:id])
  end

  # POST /users
  # POST /users.xml
  def create
    @user = User.new(params[:user])
    @user[:type] = params[:user][:type]
    respond_to do |format|
      if @user.save
        format.html { redirect_to(:action=>'index', :notice => 'User was successfully created.') }
        format.xml  { render :xml => @user, :status => :created, :location => @user }
      else
        format.html { render :action => "new" }
        format.xml  { render :xml => @user.errors, :status => :unprocessable_entity }
      end
    end
  end

  # PUT /users/1
  # PUT /users/1.xml
  def update
    @user = User.find(params[:id])

    respond_to do |format|
      @user[:type] = params[:user][:type]
      if @user.update_attributes(params[:user])
        format.html { redirect_to(:action=> "index", :notice => 'User was successfully updated.') }
        format.xml  { head :ok }
      else
        format.html { render :action => "edit" }
        format.xml  { render :xml => @user.errors, :status => :unprocessable_entity }
      end
    end
  end

  # DELETE /users/1
  # DELETE /users/1.xml
  def destroy
    @user = User.find(params[:id])
    @user.destroy

    respond_to do |format|
      format.html { redirect_to(:action=> 'index') }
      format.xml  { head :ok }
    end
  end

  def login
    if params[:user]
      @user = User.login(params[:user])
      if @user
        session[:user] = @user
        redirect_to :controller=>"home", :action=>"index"
      else
        flash[:error] = "用户名密码不正确"
      end
    else
      render :layout => false
    end
  end

  def logout
    session = nil 
    redirect_to :action => "login"
  end
  def changepwd
    logger.info("change password : " + params[:newpass])
    unless params[:newpass]
      render :text=> params[:newpass] 
    else
      _user = session[:user]
      _user.update_attribute('password',params[:newpass])
      render :text => params[:newpass] 
    end
  end
end
